Re: W32.HLLW.Gaobot.gen part II

From: etham (etham_at_discussions.microsoft.com)
Date: 11/19/04


Date: Fri, 19 Nov 2004 11:53:06 -0800


*UPDATE*

I was wrong about Kaspersky AV catching the virus. It apparently only caught
a variant of it called Agobot or something named like that. The virus remains
and I am once again out of options.

"David H. Lipman" wrote:

> That's right Etham. Adaware does NOT find viruses. It finds other forms of malware
> (adware, spyware, browser hijackers, data miners, etc.). Often viruses, Trojans and other
> forms of malware can work together thus the recommendation of TrendMicro Sysclean and
> Lavasoft Adaware.
>
> It is too bad that Sysclean did not catch this variant of Gaobot, but, there are many
> variants that Trend Sysclean will detect and clean.
>
> Dave
>
>
>
> "etham" <etham@discussions.microsoft.com> wrote in message
> news:999BB32C-1A18-444C-8FCD-B9988C9A9F28@microsoft.com...
> | I asked a friend who is quite the expert with computers. He recommended I use
> | Kaspersky's AV and the program detected, blocked, and deleted the virus.
> |
> | P.S. I tried Trend Sysclean before I used Kaspersky. It did not work.
> | Adaware did not pick up any viruses (although I don't believe that's what it
> | does)
> |
> |
> |
> | "David H. Lipman" wrote:
> |
> | > 1) Download the following four items...
> | >
> | > McAfee Stinger
> | > http://vil.nai.com/vil/stinger/
> | >
> | > Trend Sysclean Package
> | > http://www.trendmicro.com/download/dcs.asp
> | >
> | > Latest Trend Pattern File.
> | > http://www.trendmicro.com/download/pattern.asp
> | >
> | > Adaware SE (free personal version v1.05)
> | > http://www.lavasoftusa.com/
> | >
> | > Create a directory.
> | > On drive "C:\"
> | > (e.g., "c:\New Folder")
> | > or the desktop
> | > (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
> | >
> | > Download Sysclean.com and place it in that directory.
> | > Download the Trend Pattern File by obtaining the ZIP file.
> | > For example; lpt251.zip
> | >
> | > Extract the contents of the ZIP file and place the contents in the same directory as
> | > sysclean.com.
> | >
> | > 2) Update Adaware with the latest definitions.
> | > 3) Disable System Restore
> | > http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
> | > 4) Reboot your PC into Safe Mode
> | > 5) Using Trend Sysclean, Stinger and Adaware, perform a Full Scan of your
> | > platform and clean/delete any infectors/parasites found.
> | > (a few cycles may be needed)
> | > 6) Restart your PC and perform a "final" Full Scan of your platform using the three
> | > utilities; Trend Sysclean, Stinger and Adaware
> | > 7) Re-enable System Restore and re-apply any System Restore preferences,
> | > (e.g. HD space to use suggested 400 ~ 600MB),
> | > 8) Reboot your PC.
> | > 9) Create a new Restore point
> | >
> | > You can also try some of the below online scanners.
> | >
> | > BitDefender:
> | > http://www.bitdefender.com/scan/license.php
> | >
> | > Computer Associates:
> | > http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
> | >
> | > DialogueScience:
> | > http://www.antivir.ru/english/www_av/
> | >
> | > F-Secure:
> | > http://support.f-secure.com/enu/home/ols.shtml
> | >
> | > Freedom Online scanner:
> | > http://www.freedom.net/viruscenter/index.html
> | >
> | > Kaspersky:
> | > http://www.kaspersky.com/de/scanforvirus
> | >
> | > McAfee:
> | > http://www.mcafee.com/myapps/mfs/default.asp
> | >
> | > Panda:
> | > http://www.pandasoftware.com/activescan/
> | >
> | > RAV
> | > http://www.ravantivirus.com/scan/
> | >
> | > Symantec:
> | > http://security.symantec.com/
> | >
> | > Trend:
> | > http://housecall.antivirus.com
> | > http://housecall.trendmicro.com
> | >
> | >
> | > * * * Please report your results ! * * *
> | >
> | > Dave
> | >
> | >
> | >
> | >
> | > "etham" <etham@discussions.microsoft.com> wrote in message
> | > news:B8951553-414D-40DC-B3AC-62E46365B49E@microsoft.com...
> | > | This has been the most resistant virus I've ever encountered.
> | > |
> | > | The other night I fired up DC++, a popular P2P program used by my university
> | > | and upon logging in, I instantly got a warning from Norton telling me I was
> | > | infected. It tried to repair but it failed. I've done eight scans in
> | > | safe-mode using VARIOUS types of scanners (AVG, Trend, Panda, Trojan Hunter)
> | > | but none can even find the virus. I also used the fix tool provided by
> | > | Symantec but it does not find the virus either. I've disabled my system
> | > | restore (although I did not do so for the first scan. I was unaware).
> | > |
> | > | Any help and suggestions (other than reformatting) would be appreciated.
> | >
> | >
> | >
>
>
>


